THREATOPS
THREAT OPSCVEs › CVE-2025-27363

CVE-2025-27363 — FreeType Out-of-Bounds Write Vulnerability

CISA KEVExploited: confirmedFreeType

FreeType contains an out-of-bounds write vulnerability when attempting to parse font subglyph structures related to TrueType GX and variable font files that may allow for arbitrary code execution.

Vulnerability details